Insurance Distribution Firm Positions Itself for Successful IPO and Global Expansion with Finance and Technology Transformation

The organisation would need to establish a Sarbanes-Oxley (SOX) compliance programme, required of all public companies, with a focus on remediating the deficiencies created by the material weaknesses. It would also need to transform its technology systems, particularly within the finance function. And it would need an effective data strategy that would enable it to effectively integrate data from the acquired companies, creating a single source of truth for effective decision making.

The company engaged Protiviti to assist it with preparations for SOX compliance, finance transformation through system implementations and process redesign, and development of an organisational data strategy. Protiviti would serve as a trusted advisor, providing the right expertise, resources and solutions to address the big picture goals the company wanted to achieve.

Sorting through SOX requirements to achieve compliance

Given the highly regulated nature of the insurance industry, establishing a SOX compliance programme scope and project plan, along with creating an internal audit function, was critical. The company collaborated with Protiviti and their external auditor to conduct remediation workshops over high-risk areas. The team tested operating effectiveness and assessed control design performance via walkthroughs, and addressed remediation efforts, internal control design and improvement opportunities.

As a result of these efforts, the organisation gained substantial benefits, including:

• Development of SOX planning and risk assessment tools and facilitation of training programmes
• Implementation of overall SOX programme management, including scope and coordination with external auditors
• Creation of a detailed project plan to manage timeline, material weakness remediation efforts and resources
• Documentation of control design and operating effectiveness, including flow charts, process narratives, risk and control matrices, and test plans

Transforming the finance function

As the company progressed its growth strategy, its leadership wanted to mature the organisation’s highly manual processes and capabilities, with a focus on transforming the finance function. They approached the challenge with a mindset of scalability, knowing they needed to grow their technology and capabilities and implement the right technology to support automation and integration now while scaling for aggressive growth in the future.

Working in partnership with Protiviti, leadership identified several critical areas for improvement and a roadmap to address them. These areas included the control environment, policies and procedures, complex transactions and IT general controls (ITGCs). Through interviews and workshops with finance and operational stakeholders, Protiviti and company leadership analysed key processes to identify discrepancies between business requirements and available software functionality.

The team designed a target operating model and identified the optimal “fit for purpose” solutions, setting the stage for successful systems implementations. Multiple business finance processes were addressed, including accounts payable, fixed assets, financial reporting, reconciliations and financial close management, human capital management and access management. The organisation achieved several benefits from this process, including:

• Successful implementation of point solutions to support key business transformation objectives, including NetSuite ERP, Blackline for end-to-end record-to-reporting, Okta for access management, and Workday for human resources and RP&A
• Readiness to go through the implementation process based on the Phase Zero solution design approach that included developing process maps and creating a shared-risk/shared-gain relationship between technology and the business
• Process efficiencies (e.g., financial close), as well as the ability to remediate audit and control deficiencies related to SOX compliance

By focusing on the right technology solutions to meet the company’s requirements over the next three to five years, the organisation was able to get the greatest benefit without overinvesting in technology that exceeded their needs. This strategy enables the company to be scalable and react to its needs as its technology requirements grow.

Harnessing the full power of data

As the organisation acquired companies, it inherited each company’s unique data system, strategy and hierarchy, resulting in an accumulation of disparate, inconsistent, non-governed data and causing issues with data quality and reporting. The organisation needed a strategy to merge all of the data together into an effective data repository that could be used by various functions within the organisation, including finance, HR, legal and others.

It also needed a robust organisational data strategy to solve the challenges of undefined data metrics and give leadership access to actionable data that could be used to make decisions based on trusted data. The newly acquired companies also brought varying levels of technology. Creating a unified solution was imperative to gaining a holistic view of the company’s financials and processes.

To address these challenges, the company worked with Protiviti to gather information on the current state of its technologies and business pain points related to data issues. From this exercise, the organisation:

• Gained direct access to C-suite executives and leadership at every level of the company to hear their pain points and make recommendations moving forward
• Established a current state narrative and a roadmap and strategy recommendation
• Achieved new insights and pain points from every aspect of the company that can be used to plan company-wide initiatives

Transformation for continuing growth and success.

As the organisation continues to expand into a global business, its successful transformation enables the company to keep its core business development on track while addressing and managing the risks associated with operating as a public company. Protiviti continues to serve as a key advisor and partner, assisting the organisation in ongoing SOX compliance by providing support and coordination with external auditors, along with continued data strategy assessments.

When the organisation began its transformation journey, it was at a crossroads. It took a thoughtful, proactive approach to addressing what was best for the organisation, not only in the near term with regard to its IPO and capital infusion, but also over the long term with investments in finance, financial and technology systems, and data strategy, choosing the path that it knew would be best position it to grow and thrive.